On 1/22/2018 2:17 PM, Kees Cook wrote:> On Tue, Jan 23, 2018 at 4:01 AM, Santosh Shilimkar> <santosh.shilimkar@oracle.com> wrote:>> On 1/22/2018 3:24 AM, Kees Cook wrote:>>>>>> As described in: https://bugzilla.redhat.com/show_bug.cgi?id=822754>>>>>> Attempting an RDS connection from the IP address of an IPoIB interface>>> to itself causes a kernel panic due to a BUG_ON() being triggered.>>> Making the test less strict allows rds-ping to work without crashing>>> the machine.>>>>>> A local unprivileged user could use this flaw to crash the sytem.>>>>> Are you able to reproduce this issue on mainline kernel ?>> IIRC, this sjouldn't happen anymore but if you see it, please>> let me know. Will try it as well. rds-ping on self>> loopback device is often tested and used as well for>> monitoring services in production.> > I don't have an RDS test setup, no. But it sounds like kernels without> this patch aren't seeing the problem.>Yep. Thats what I thought and hence asked.

>> Am not sure if its applicable anymore. Infact the issue with>> loopback device was due to congestion update and thats been>> already addressed with commit '18fc25c94: {rds: prevent BUG_ON>> triggered on congestion update to loopback}'> > That looks very much like it was fixed there. Thanks!> Yeah. Thanks Kees !!